netzowl
Member
The 1st one, hosting provider cannot do anything and advice my client to rebuild a whole website..again...the 2nd one, the hosting provider said will restore and backup to previous data..we'll see how it goes..
Website Been Hacked
- Thread starter netzowl
- Start date
-
Welcome to Original Babiato! All Resource are Free and No downloading Limit.. Join Our Official Telegram Channel For updates Bypass All the resource restrictions/Password/Key? Read here! Read Before submitting Resource Read here! Support Our Work By Donating Click here!
The 1st one, hosting provider cannot do anything and advice my client to rebuild a whole website..again...the 2nd one, the hosting provider said will restore and backup to previous data..we'll see how it goes..
CYBERGYPSY
Active member
I know there are expert webmasters here who are more experienced than me, but I would like to share something I personally use a plugins which is tried and tested. I use this plugin called WP Hide and Security Enhancer to change my login url and dashboard url and it has been working for me. Here's a link to the mentioned plugin
WP Hide & Security Enhancer
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
die2mrw007
Senior Developer
Hosting provider sometimes doesnt help to restore from an already provided backup solution. THe client himself will have to restore it under cpanel or seek some tech guy help for this. Its very simple as you just need to login to cPanel and check the daily backup providers like Acronis, R15soft, etc (as different hosting has partnership with different backup solution provider)...click on it and you will see a list of dates upto 30 days older backup in most cases. Just click on the desired date and then click on restore to live. The process will replace all your current files with the backup files.
Its simple usually.
netzowl
Member
I know there are expert webmasters here who are more experienced than me, but I would like to share something I personally use which is tried and tested. I use this plugin called to change my login url and dashboard url and it has been working for me. Here's a link to the mentioned plugin
WP Hide & Security Enhancer
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urlswordpress.org
Noted. Thanks..will look into it ..
netzowl
Member
Yeah, they're doing the restoration now..I'll see how it goes..later will try this method .. thanks ya!!~
CYBERGYPSY
Active member
die2mrw007
Senior Developer
@netzowl He is extremely right. Always secure the wp-admin login page with plugins like these. It makes the site more secure.I know there are expert webmasters here who are more experienced than me, but I would like to share something I personally use a plugins which is tried and tested. I use this plugin called WP Hide and Security Enhancer to change my login url and dashboard url and it has been working for me. Here's a link to the mentioned plugin
WP Hide & Security Enhancer
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
netzowl
Member
Thanks a mill!!~ Really appreciate it..btw its somehow very annoying ya .. they managed to do this to not here but all around the earth lol its like ransomware now..they infected everywhere .. darn
netzowl
Member
Noted..i will definitely use this after this..got to secure all my client's website .. thanks dude
CYBERGYPSY
Active member
I totally understand the situation. Before I found babiato, I used to download nulled themes from other sources and eventually I ran into some very big trouble. Ads were popping outta everywhere, users were redirected to dirty sites, all files and databases were modified, even the htaccess file was rewritten. So i tried installing this and i rewrited all the urls, wp-content, themes, plugins, login, Dashboard, everything. And it worked like magic.
Even though everything on babiato is totally clean, i still use it just in case things go south.
netzowl
Member
So the hosting provider just restore the website but still they asked me to remove all the plugins and theme manually and upload back fresh files via ftp .. hope it works lol
- Dec 1, 2018
- 24,150
- 27,403
- 120
@netzowl both your sites have the same issue? I mean same redirect? If so the look for similar plugins for both sites, make a list with their version and check against 0-day vulnerabilities. Some of the plugins are vulnerable to code inject and that might be your issue.
It happened to me once with a wp video player taken directly from wp repository and after few days ads and redirects appeared on site also some malicious code was injected in core files.
It happened to me once with a wp video player taken directly from wp repository and after few days ads and redirects appeared on site also some malicious code was injected in core files.
- Sep 8, 2019
- 366
- 191
- 43
NUKE EVERYTHING and start from zero. Those types of redirects are black hat SEO tricks using malware. You never know. I would nuke the whole web server, and ofc keep a good backup of it. There are a lot of pups that sh** all over your folders, and if you have more than one website on the server, you can be more than certain that it's also affected. Your system files can be affected at some point.
Edit:
If you need help, I can scan the whole thing for you for free and tell you the results and where to look very fast. But if you don't wipe everything, there is a big chance that the hackers already have full access to your server and are going to respawn the malicious codes as soon as you start uploading the clean versions. Just remove the user database table if you want me to check the .SQL too.
Last edited:
I think have mentioned it several times on similar topics, it all starts with a proper hosting and with what it provides you. Of course the site should also follow some basic rules such as updates, maintenance core etc. Having a hosting company we maintain a large volume of customers with to much plugins and themes that is not update.
Although our servers are shared hosting we do not leave it to the mercy of God. of course we have doubled the cost for custom or premium systems that a server could have for such or similar reasons, but it is preferable for us.
I can certainly not say that it is 100% safe or that our wall is impassable, but so far we have blocked a large volume. The biggest problem we face, is that in mail they use passwords "123456" with the result that it falls victim to spam and we have problems such as with blacklists, etc.... Yes, unfortunately we are dealing with such ridiculous issues.
Now, in terms of the issues you are facing, are you sure that you have found the causes? I did not understand and I apologize for that, if you are talking about for clues or proofs?
PS: plugins as mentioned in the above posts "wp hide" and other similar, if you use a simple site then you will not have a problem with these plugins, but if you have a complex site, then these plugins may make life difficult. But it is definitely a solution.
Although our servers are shared hosting we do not leave it to the mercy of God. of course we have doubled the cost for custom or premium systems that a server could have for such or similar reasons, but it is preferable for us.
I can certainly not say that it is 100% safe or that our wall is impassable, but so far we have blocked a large volume. The biggest problem we face, is that in mail they use passwords "123456" with the result that it falls victim to spam and we have problems such as with blacklists, etc.... Yes, unfortunately we are dealing with such ridiculous issues.
Now, in terms of the issues you are facing, are you sure that you have found the causes? I did not understand and I apologize for that, if you are talking about for clues or proofs?
PS: plugins as mentioned in the above posts "wp hide" and other similar, if you use a simple site then you will not have a problem with these plugins, but if you have a complex site, then these plugins may make life difficult. But it is definitely a solution.
sashikanta
Active member
WordPress is prone to hack so use Wp hide kind of plugins and captcha when login. I have a website in Plex control panel and it was never hacked,
- Avoid null plugins and themes
- Use captcha or limit login attempts
- Hide wp metas trough Wp hide kind of plugins
- Aggregate feed through feed burner or disable them
- Use SSL for Admin
/* SSL at Wp-Config */
define( 'FORCE_SSL_LOGIN', true );
define( 'FORCE_SSL_ADMIN', true ); - This one is very important
/* Updates */
define( 'WP_AUTO_UPDATE_CORE', true );
define( 'DISALLOW_FILE_MODS', true );
define( 'DISALLOW_FILE_EDIT', true );
netzowl
Member
Sadly yes, it happened to both my sites. Not the same redirection. What i observed, the 1st one redirected to like 5,6 websites..the 2nd one, i think around 2 website. Both use elementor plugin..the rest is related to woocommerce like shipping etc..
I also Faced this problem two months ago. I used Really Simple SSL Pro plugin and it came with redirect to spam site. My domain also got ban by Facebook which is the main traffic source to my site. Now i had to throw my 10 years old domain and bought new one and starting fresh! 
netzowl
Member
Yeah i agree with u..the 1st website i didnt do anything much..cause i didnt provide the client with hosting..he picked hosting provider himself..so he asked them to fix everything..once it was back to normal state. Then its happening again..now the hosting provider give up and asked my client to redo all the website again..which is pain in the a*s for me .. i saw the database. they copied the database and its haywire ..
The 2nd one i already follow suggestions from our fellow in Babiato here .. my hosting provider restore and do some fix but asked me to re-install fresh theme and plugin .. and i also install wp hide .. so far it turns out ok.. but still observing the website..
I would love to if u can scan the website.. anything i should provide for u too scan the website?
Thanks
netzowl
Member
I also Faced this problem two months ago. I used Really Simple SSL Pro plugin and it came with redirect to spam site. My domain also got ban by Facebook which is the main traffic source to my site. Now i had to throw my 10 years old domain and bought new one and starting fresh!
So sorry to hear that..wow 10 years old domain!! that must be so heartbreaking..
netzowl
Member
So my 1st client is kinda cheapscake lol he refused to pay me for website maintenance .. which is only around less then $200 anually .. so the website is left without anyone to look after and updating the plugins all..then when things like this happen, he blame the provider and assume their security is weak and vulnerable to get hack..me and the provider already explain in how maintenance is important to a website but still he blame the provider..
My intention of posting this thread is to asked if any of you here facing this problem and want to let all know that this attack is happening to every part of the world..
Similar threads
